PT-2020-13618 · Mitel · Mitel Mivoice 6800+1
Matthew Byrdwell
·
Published
2020-08-26
·
Updated
2020-09-01
·
CVE-2020-13617
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Mitel MiVoice 6800 and 6900 series SIP Phones versions prior to 5.1.0.SP5
Description
The issue is related to improper memory handling during failed login attempts in the Web UI component, which could allow an unauthenticated attacker to expose sensitive information.
Recommendations
For versions prior to 5.1.0.SP5, update the firmware to version 5.1.0.SP5 or later to resolve the issue.
Fix
Improper Restriction of Excessive Authentication Attempts
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mitel Mivoice 6800
Mitel Mivoice 6900